Mobile communication device

ABSTRACT

A method of accessing a partition on a mobile communication device may include the steps of receiving data specifying a partition, receiving an identification code from an identification module in or associated with the device, determining, based on both the data specifying a partition and the identification code, whether access to the specified partition is to be allowed, and allowing or denying access to the specified partition accordingly.

The present invention relates to the field of mobile communicationdevices. In particular, it relates to a mobile communication device onwhich a user can switch between different partitions or profiles.

It is currently known to have multiple different users on an operatingsystem in a PC environment using a UID (user ID) combined with arespective password to toggle between them.

It is also known to have dual SIM mobile phones.

People have also considered the possibility of providing a multi-usermobile phone.

However, the inventors of the present invention have realised that thereis a desire for a single user to be able to have different profiles orpartitions on a single mobile communication device, such as a workprofile and a home profile, for example. This could enable them, forexample, to keep different aspects of their life separate without havingto have multiple devices. As far as the inventors are aware, no mobilecommunication device currently available allows a user to have multipleprofiles or partitions on a single device so that they can partitioncontent (user-generated or otherwise) and functionality between theseprofiles.

US 2010/0323664 A1 discloses a mobile device for multiple users. Eachuser has his/her own dedicated memory partition in which they canread/write data. Each partition is associated with a different smartcard ID and a user must insert his/her smart card into the device inorder to access his/her partition.

GB 2408179 A discloses a mobile telephone for multiple users where eachuser can configure the telephone to operate in a particular manner. Thephone uses a single SIM card and each user must enter a PIN/passcode inorder to be able to use the telephone.

According to a first aspect of the invention, there is provided a methodof accessing a partition or switching between partitions on a mobilecommunication device, the method comprising: receiving data specifying apartition; receiving an identification code from an identificationmodule associated with the device; determining, based on the dataspecifying a partition and the identification code, whether access tothe selected partition is to be allowed; and allowing or denying accessto the selected partition accordingly.

The identification module could be or comprise a removableidentification module, a remote identification module, a SIM card,hardware, a secure element, a trusted execution environment (TEE), or asoftware SIM, for example. The identification module could be providedin the device or remotely.

Thus, according to the first aspect, a user can access a partition orswitch between partitions on their mobile device only when averification based on both the data specifying the partition and anidentification code from an identification module associated with thedevice (e.g. a SIM card or hardware or secure element or TEE in thedevice) has been made. By requiring an identification code from anidentification module associated with the device (e.g. a SIM card orhardware or secure element or TEE in the device) as part of theverification process this provides security to the user because apartition can only be accessed on the appropriate device, or on a devicewith the correct identification module (e.g. SIM card or hardware orsecure element or TEE).

Preferably, more than one partition may be accessed and controlled via asingle and unique SIM card (or other identification module of thedevice). More preferably, all of a user's partitions are accessible viaa single unique SIM card (or other identification module of the device).Thus, there is advantageously no need for a separate SIM card (oridentification module) for each partition accessible on the mobiledevice, and so no need to switch from one SIM or identification moduleto another to access different partitions.

A partition may have predefined content and/or functionality.

The data specifying a partition may specify, for example, the contentand/or functionality of the partition, a name and/or passcode of thepartition, and/or a path to a cloud or external server from which dataspecifying the content and/or functionality of the partition can bedownloaded.

Preferably, the method comprises sending the identification code fromthe identification module to open the specified partition when access tothe specified partition is allowed.

The method may comprise sending or displaying a message indicating thataccess to the specified partition is not allowed when access to thespecified partition is not allowed.

The method may comprise sending the data specifying a partition and theidentification code from the identification module to a partition entrymodule when access to the specified partition is allowed. In this case,the data specifying a partition and the identification code arepreferably sent from the identification module to a partition entrymodule via a secure channel. A secure channel may be created by a mutualauthentication process between the identification module and thepartition entry module, for example.

The method may advantageously comprise encrypting the data specifying apartition and/or the identification code before sending them to thepartition entry module.

An initialisation process for accessing a partition preferably involvesassociating data specifying a partition (e.g. a PIN or passcode) withidentification data from an identification module associated with thedevice. Thus, more than one data specifying a partition (e.g. a PIN orpasscode) may be associated with a single identification data from anidentification module associated with the device. The identificationcode or identification data from the identification module associatedwith the device could be a unique hardware identifier such as the IMEI(International Mobile Equipment Identity), for example.

Preferably, the data specifying a partition and identification code areverified in the identification module to determine whether access to thespecified partition is to be allowed.

The method preferably comprises generating the identification code inthe identification module based on the data specifying a partition, andpreferably also based on identification data of the identificationmodule.

The identification code may be a certificate, for example, which may begenerated from identification data of the identification module and/orthe data specifying the partition.

In some embodiments, where one or more partitions are stored in thecloud or at an external server, preferably a mutual authenticationprocess is performed between the SIM (or other identification module) inthe mobile communication device and a virtual or physical SIM or SAM (orother identification module) in the cloud before access to the partitionin the cloud is allowed. Thus, security levels provided at the mobilecommunication device may be extended to the cloud. Preferably, themutual authentication process is performed before the passcode or dataspecifying the partition is checked.

When a partition is accessed, preferably only content specified to beavailable in that partition is accessible to the user. In addition oralternatively, a partition may have a predefined configuration or set-upso that when a user accesses that partition their device willautomatically change to that configuration. A configuration could, forexample, specify device functionality such as ring volume, call divertfunction, vibrate function, and whether functionalities such asBluetooth, SMS, MMS and internet are on or off, etc.

Preferably, when a user has accessed a partition on a mobile device, anycontent, such as SMS/MMS messages, photos, images, videos, documents,browsing history, Internet passwords/usernames etc., obtained (e.g.downloaded onto the device, received via a wireless communicationnetwork, or photographs/videos taken by the device) whilst the thatpartition is accessed is subsequently accessible only when thatpartition, and perhaps one further partition constituting an“administrator” partition, is accessed on the mobile device. The contentcould be stored on the mobile device, for example in the partition inwhich it was obtained and/or, for example, it could be stored remotelyin a cloud or server. By using a cloud or other server to store some orall of the partition data remotely, this can provide a useful backup ifa mobile device is lost or stolen and/or a larger storage facility inwhich more data can be stored than on the mobile device alone. Partitiondata stored remotely from the device may be accessed when a partition isaccessed, preferably using the same security steps as for checkingaccess to the partition on the device, i.e. based on the data specifyingthe partition and an identification code of an identification moduleassociated with the device. Thus, the data in the cloud would only beaccessible via the correct mobile device since the identification codefrom the SIM card or hardware of the device would be required in orderto gain access.

A user could set on the device what types of content would fall in thecategory of only being available in the partition they were obtained in.Other types of content (e.g. emails) could, for example, be accessiblein other or any partitions on the device.

Once a partition has been accessed, all audit trails and activity may bekept discretely within the partition. This could include browsinghistory, call lists and address book, for example.

The term “mobile communications device” includes devices such as mobiletelephones (cell phones), wireless PDAs, mobile tablet devices,phablets, televisions, laptop computers (e.g. comprising a SIM card) andgenerally any device that is capable of communicating wirelessly, e.g.via a wireless (wifi) network and/or via a mobile telephone network.

The present invention can enable a user to partition different aspectsof their life such as work, home, school, travel, etc., where onlycertain information is viewable in each partition. Thus, multiple data,each specifying a partition, may be used in conjunction with a SIM orhardware or other identification module identifier to gain access todifferent partitions on a mobile device. Such an arrangement allows easeof use, security and the convergence of multiple lifestyle needs withina single device.

In the present invention a user name (UID) is not needed. The presentinvention is designed for a single user, which means the system can makeuse of smart object technology in the SIM or other identificationmodule, if all the identities and security algorithms link to the SIM orother identification module, in order to provide security to the system,as the device has partitions rather than separate or discrete identitiescreated on it, and therefore a two factor authentication can be used toallow entry at every point. If the SIM or other identification module isused as the control point, no UID needs to be entered, just dataspecifying a partition.

If the system were for multiple users this would require user names(Unique Identifiers), such as JBloggs or ASmith, to be entered and thiswould be impossible if the device were locked. If an input screen wereto be created it would also be difficult to undertake on a regularbasis. This would essentially render the service either unusable orinsecure. However, since the present invention is for a single user anddoes not require user names, these problems are not present.

Preferably, access to and management of the partitions (e.g. mapping)are controlled by the SIM or other identification module associated withthe mobile communication device. Ideally, the SIM card (or otheridentification module) checks the passcode(s) entered to access thedifferent partitions and allows or denies access to the variouspartitions based, at least in part, on the entered passcode. Such asystem provides greater security than known systems in which partitionaccess and mapping are controlled by an application in the mobile andnot in the SIM or other secure element.

Preferably, a mapping table mapping passcodes to their respectivepartitions is stored in the SIM or other identification moduleassociated with the mobile communication device. This helps the SIM orother identification module be able to control access to the differentpartitions securely.

In a preferred process, a SIM or other identification module receivesdata specifying a partition (e.g. a passcode). The SIM or otheridentification module then preferably verifies the data specifying apartition and creates a certificate, based on the result of thatverification. The certificate is preferably generated based on, e.g. byperforming an algorithm on, the data specifying a partition (e.g. apasscode) and identification data (e.g. an identifier) of the SIM cardor other identification module. The certificate is then preferablytransmitted via a secure channel to a processor in the device, via whichaccess to the partitions is controlled.

As explained above, the user may select what data (e.g. which photos,videos, internet browsing history, call logs, internetpasswords/usernames etc.) is available in each partition. The partitionsmay have separate and/or common content, applications, services etc.Thus, a user could select, for example, what media or other content theywant to be available in different parts of their life. Moreover, theinvention allows a user to use a single device for both home and workpurposes, for example, without compromising their work/life integrity.

The selection of what content and/or functionality is available in eachpartition is preferably performed in an administrator partition (MEA),where the content, settings (e.g. functionality) and identity of theother partitions can be set. A user could use the administratorpartition to select or de-select features of the mobile device, such asthose described below, to partition content and functionality pertinentto the different partitions.

For example, a user could:

-   -   have separate and different address lists in each partition    -   have separate and different browsing histories in each partition    -   have separate and different photos and videos in each partition    -   have separate and different SMS and MMS records in each        partition    -   have separate and different lists of calls to send straight to        voicemail in each partition    -   send SMS and MMS straight to folders in different partitions        without appearing in all partitions    -   synchronise or not synchronise different folders in different        partitions to a PC or a cloud    -   have separate and different call timers in each partition to aid        in corporate expenses and recharge    -   have separate, different but also complimentary apps in each        partition    -   have separate and different email accounts in each partition    -   turn on/off Bluetooth, SMS, voice or data services in each        partition    -   not be able to see and content in other partition unless in the        administrator partition    -   have separate and different voicemail greetings in each        partition

Of course, some content and/or functionality may be common or sharedbetween more than one partition.

The user preferably has access to all functionality and content in theMEA. Within the MEA, the user may set up partitions' respectivepasscodes (see below), for example.

If the user has accessed a particular partition and the device enters astandby mode (e.g. after a certain predefined period of inactivity orfollowing the pressing of a “standby” key), the device will preferablystandby in the partition mode it was previously in (i.e. immediatelybefore standby) and follow any conditional formula which has been set upfor activity of that partition in that mode. For example, if the user isin a “home” partition, they could configure all calls except for a groupcalled family to be sent directly to voicemail. They could also do thesame for all SMS messages received except for the family group again.Any digital content (e.g. media such as audio, images and/or video)which arrives could be sent to the administrator partition, which couldeither hold or re-file that content based on pre-defined rules toanother partition set up by the user.

Preferably, the identification code is received from and may correspondto or be based on a SIM card in the device. This provides securitybecause if the SIM card is removed from the device all the content onthe device is locked as it is no longer possible for someone to enter apartition; the identification code from the SIM is required in order foraccess to the partition to be allowed. The user is secured because ifthe SIM is removed or remotely deactivated, the verification processwill no longer work due to lack of one of its elements (the SIMidentification code), so the content is locked securely in the device.This would also be the case if the partition content were stored in acloud or another external memory device; the lack of a SIM wouldprohibit access to any partition. Removal of the SIM would lock allpartition content and insertion of a new SIM would not unlock thecontent as it would not have the correct identification code.

Preferably, the SIM is based on a JavaCard. This provides thepossibility for the SIM to manage different applets, one for eachpartition, with independent security features. These applets could beused to control access to each of the partitions on the device.

In one preferred embodiment, the data specifying a partition comprises apasscode for the specified partition. The passcodes for the partitionsmay each comprise letters and/or numbers and are preferably 1-9 digitslong, more preferably 3 or 4 digits long. Preferably, they are solelynumeric passcodes. The passcodes for different partitions may have thesame or differing lengths.

With the present invention, entry into a selected partition maytherefore be allowed or denied based on both a passcode for a partitionand an identification code from a SIM or hardware of the device. Forexample, both the passcode and the identification code could have tomatch those stored in the device for the selected partition for accessto the selected partition to be allowed.

However, preferably, the identification code or identification data(from a SIM card or hardware or other identification module in orassociated with the device) and the passcode are passed through analgorithm to create a certificate or hash. Preferably, the algorithmcomprises an encryption algorithm such as a PKI (public keyinfrastructure) algorithm, for example. The certificate or hash may thenbe compared with a predefined certificate or hash for the selectedpartition (see below for a description of a preferred form of this) and,if the two certificates or hashes match, access to the selectedpartition can be allowed. This provides a secure system because userauthentication can be verified at each point. This means that networkservices and audit trails can be used with full integrity. A mobilephone carrier, for example, can be confident that a user is the lawfuland contracted user of the device who is financially and legallyresponsible for all activity undertaken with the device.

Preferably, once a certificate or hash has been created, both thecertificate or hash and the SIM or hardware or other identificationmodule identifier are passed to a verification module which decrypts thecertificate or hash to provide the passcode for the partition and passesthe user to the partition they were seeking to access, providing entryis allowed. Entry is allowed if the certificate or hash corresponds to apredefined certificate or hash for the partition.

The passcode is preferably entered by a user of the device. A user couldenter the passcode by touching on a touch-sensitive screen or a keypadof the device, for example.

Alternatively, the data specifying a partition could be received from asignal-emitting device. Preferably, the data is received wirelessly. Thesignal-emitting device could be a NFC (near field communication) tag,for example. In this way, a user may access a partition on their deviceby, for example, holding their device by a NFC tag for a selectedpartition. For example, a user could have a tag at home, a tag at work,a tag in the car, etc. When a user moves to a different part of theirlife (e.g. home, work, car) they can receive a signal from the relevanttag and their device will automatically access the relevant partitionbased on their location.

The tags or other signal-emitting devices may be used as environmentdescriptors. Preferably, a signal-emitting device contains an encryptedversion of a passcode or a hash representing the passcode, which it cantransmit wirelessly to a mobile device held near the signal-emittingdevice. Preferably, the signal-emitting device also contains a unique IDcorresponding to that signal-emitting device. The signal-emitting devicecould also contain information relating to its environment such as a“post it” (information) from other people in the environment. Thisinformation could then be transmitted from the signal-emitting device toa mobile device.

As an alternative to using NFC tags (which not all mobile communicationdevices may be able to read), Flashcode could be used to implement asimilar system. However, this might reduce security and some featuressuch as the “post-it” provision might not be possible. For thesereasons, NFC tags are preferred to a Flashcode-based system.

A passcode could be required to be entered by the user to switch thedevice into an NFC or Flashcode tag controlled mode, where partitionsmay be accessed based on an NFC or Flashcode signal received by thedevice. Requiring a passcode in this way could reduce the potentialsecurity risk associated with using Flashcode, or even with NFC tags onwhich the security may be limited for cost reasons.

The data specifying a partition could, for example, comprise dataspecifying the content and/or functionality available in that partitioninstead of or in addition to a passcode for that partition. In this way,a new partition could, for example, be set-up on a device with aspecified configuration. This could be useful, for example, in a cinema,hospital or library, where a device could receive a signal (e.g. from aNFC tag) causing it to enter a “cinema” partition where vibrate isturned off and the ring volume is set to “silent”.

The NFC tags, or other signal-emitting devices, could be set-up tocontain the information specifying a partition before they are sold to auser. For example, a number of pre-defined partitions could be providedon respective signal-emitting devices with settings appropriate for“home”, “car” and “office” use. Alternatively, or additionally, a usercould set up their own signal-emitting devices with informationspecifying partitions by coupling the signal-emitting devices to theircomputer. The information provided to the signal-emitting devices fromthe computer could be defined by the user themselves or it could beinformation downloaded from the internet specifying a pre-definedpartition that a user might wish to use. In an alternative embodiment,the data specifying a partition could comprise data specifying a path todata on a cloud or server where details of the partition are located.These details could comprise data specifying the content and/orfunctionality of the partition, for example. The path specified by thedata is preferably a unique and secure path.

Preferably, the first time a communication device receives a signal froma signal-emitting device specifying a path for a particular partition,as described above, the communication device sends a signal to the cloudor server specified by that path and, in response, receives data fromthe cloud or server specifying a partition (i.e. its content and/orfunctionality). The partition (e.g. its functionality and, optionally,its content) may then be saved on the communication device. The contentneed not necessarily be stored on the communication device itself. Itcould, for example, be stored remotely, for example in a cloud orserver, and then accessed when required by the user of the device.

The next time the communication device receives a signal from the same(or another) signal-emitting device to enter that partition, thecommunication device may enter that partition based on the dataspecifying that partition that is already saved on the mobilecommunication device. There would be no need for the communicationdevice to send and receive a signal from the cloud or server as thedevice would already contain the data required to access the specifiedpartition. In one example, the user or another person (e.g. a controllerof the partition, in the case of a partition which may be accessed bymore than one user/communication device) may update the data specifyingthe partition (e.g. its content and/or functionality) that is stored inthe cloud or server. Then, when a communication device receives a signalfrom a signal emitting device to access that partition, preferably thatsignal also contains data specifying that the partition has been updatedand, even if the device already has the partition (before the update)stored thereon, it preferably sends a signal to the cloud or serverspecified by the path and, in response, receives data specifying theupdated partition (e.g. its content and/or functionality) which is thenaccessed on the communication device. The updated partition may then bestored on the communication device.

The partitions specified by the signal-emitting devices could be “open”or “closed”.

If a signal-emitting device emits information specifying a partitionthat is deemed to be “open”, this would mean that a mobile communicationdevice user could receive that signal and then access the specifiedpartition on their device. This could be useful in public spaces such ascinemas and hospitals, for example.

In contrast with this, when a signal-emitting devices emits informationspecifying a partition that is deemed to be “closed”, this would meanthat a mobile communication device user might have to enter a code orpassword before their device could enter the specified partition. Inthis way, only users in possession of the correct code or password couldenter closed partitions on their device. This could be useful in spacessuch as schools or corporations where only certain people would wish to,or would be wished to be allowed to, access a particular partition.

In order to switch between the partitions on a device, preferably theuser “locks” the device such that the device leaves its currentpartition. The user may then access a different (or the previous)partition by entering the passcode for that partition or by holding thedevice on or near a signal-emitting device, for example. The inputpasscode is then preferably passed to the entry application, asdescribed above, and if entry is allowed, the device then enters theselected partition.

Alternatively, a user may switch between partitions without first havingto lock their device.

Content of a particular partition may be encrypted. The content could bestored in the partition on the mobile device or it could be storedelsewhere, for example in a cloud or server, which is accessible when auser accesses the partition on their mobile device. If the content isencrypted, the method of accessing a partition preferably comprisesdecrypting any encrypted content of that partition (wherever thatcontent is stored). The encryption and decryption of the content couldbe based on the passcode for the partition and/or the identificationcode for the SIM or hardware in the device, for example. Theencryption/decryption of the content could therefore be based on thesame encryption algorithms as those used to create a hash, for example.

In some embodiments, it might not be desirable for the content to beencrypted.

In a preferred embodiment of the invention, a single user is consideredwith a single unique SIM card inserted into the SIM slot of his/hermobile communication device. All of the secrets and partitionallocations are ideally under the control of this one unique SIM. TheSIM is ideally the safe box for all of the secrets (e.g. theidentification code of the SIM or other hardware or secure element ofthe device). Preferably, when appropriate passcodes are sent from theSIM, authorization certificates are provided through a secure channel toa main processor in the mobile communication device which manages theaccess to the different partitions. Passcode verification is ideallydone in the SIM by a secure processor of the SIM. The security featuresof the SIM smart card allow it to create a secure channel with the mainprocessor in the mobile communication device to ensure confidentialityof the authorization certificates which are sent to open the targetedpartitions.

In some embodiments, different telephone numbers may be associated withdifferent partitions on or associated with a single communicationdevice. These may be domestic or international numbers, for example.Thus, messages sent to a particular telephone number can beautomatically stored in the partition with the telephone number to whichthey were sent. The partition could be on the device or in the cloud ora remote server, for example. Messages sent and calls made from aparticular partition (i.e. the device is in that partition) couldautomatically be sent from the telephone number associated with thatpartition so that replies/responses to such messages or calls would bedirected back to the same telephone number and partition.

In some embodiments, the device or a partition on the device may beconfigured such that the device automatically switches to a differentpartition at a predefined time. For example, when a device is in a“school” or “work” partition, it could be set to automatically enter adifferent partition (e.g. a “home” partition) at a time corresponding tothe end of the school-day or work-day. The device could thenautomatically re-enter the “school” or “work” partition at the start ofthe next school-day or work-day. The device may also be configured toswitch to different partitions at different times during the school-dayor work-day (e.g. break or lunch times). In these partitions, the usercould, for example, be allowed access to the Internet and/or emailand/or SMS messages, which might be denied at other times during theschool-day or work-day, when in the “school” or “work” partition.

Alternatively or additionally, a partition may be configured to adjustits settings automatically at certain times. For example, when in a“school” or “work” partition a user could, for example, be allowedaccess to the Internet and/or email and/or SMS messages, which might bedenied at other times during the school-day or work-day.

Settings to automatically switch partitions and/or change thefunctionality/settings of a partition at predefined times could betransmitted to a device when entering a partition (e.g. a “school” or“work” partition) for the first time, for example when tapping on asignal-emitting device such as an NFC tag for the first time. The userwould then not have to re-tap on the signal-emitting device each timethey wanted to enter that partition. Rather, their device would beconfigured to leave and re-enter that partition automatically atpre-defined times. The pre-defined times could be set by anadministrator of the “school” or “work” partition, which could be someone other than the user of the mobile communication device.

According to a second aspect, there is provided a mobile communicationdevice comprising a partition entry module, wherein the partition entrymodule is arranged to: receive data specifying a partition; receive anidentification code from a identification module associated with thedevice; determine, based on both the data specifying a partition and theidentification code, whether access to the specified partition is to beallowed; and allow or deny access to the specified partitionaccordingly.

The identification module could be or comprise a removableidentification module, a remote identification module, a SIM card,hardware, a secure element, a trusted execution environment (TEE), or asoftware SIM, for example. The identification module could be providedin the device or remotely.

As with the first aspect, preferably the identification code is receivedfrom and corresponds to or is based on the SIM card or otheridentification module associated with or provided in the device.

The partition entry module is preferably stored in a memory in thedevice's hardware.

The data specifying a partition may comprise a passcode for thespecified partition.

The SIM card or other identification module is/are preferably arrangedto verify the data specifying a partition and the identification code todetermine whether access to the specified partition is to be allowed.

The SIM card or other identification module is/are preferably arrangedto generate the identification code based on the data specifying apartition.

The identification code may be a certificate generated fromidentification data of the SIM card or other identification module

The SIM card or other identification module is preferably arranged tosend the identification code to open the specified partition when accessto the specified partition is allowed.

The device may be arranged to send or display a message indicating thataccess to the specified partition is not allowed when access to thespecified partition is not allowed.

The SIM card or other identification module is preferably arranged tosend the data specifying a partition and the identification code to apartition entry module when access to the specified partition isallowed. In this case, the SIM card or other identification module isideally arranged to send the data specifying a partition and theidentification code to a partition entry module via a secure channel.The secure channel may be created by a mutual authentication processbetween the SIM card or other identification module and the partitionentry module, for example.

The device may comprise means for encrypting the data specifying apartition and/or the identification code before sending them to thepartition entry module.

The device may comprise keys and/or a touch-sensitive screen, and thepartition entry module may be arranged to receive the passcode when auser presses the keys and/or the touch-sensitive screen so as to enterthe passcode.

Preferably, the partition entry module and/or SIM card or otheridentification module comprises a hash creation module and the hashcreation module is arranged to pass the identification code and thepasscode through an algorithm to create a hash. The algorithm preferablycomprises an encryption algorithm, which is preferably a PKI encryptionalgorithm.

The partition entry module preferably comprises a verification modulearranged to compare the hash with a predefined hash for the partition,and to allow access to the partition if the two hashes match.

The device may comprise a receiver arranged to receive data specifying apartition from a signal-emitting device. Preferably, the data from thesignal-emitting device is received wirelessly. The signal-emittingdevice could comprise a NFC tag, for example.

Content of a particular partition may be encrypted for security reasons.Therefore, the device may comprise decryption means for decrypting anyencrypted content of an accessed partition.

According to a third aspect, there is provided a method of creating apartition on a mobile communication device, the method comprising:inputting a passcode for the partition; and setting what content and/orfunctionality is available in the partition. According to this aspect, auser may, for example, set up a partition on their device and specifywhat content and configuration/functionality they wish that partition tohave. Thus, they could, for example, set up partitions with content andfunctionality tailored to different aspects of their life.

The method may comprise inputting a name or identifier for thepartition, so that it can quickly and easily be identified by a user(e.g. “home”, “work”, etc.). Preferably, the method comprises passingthe passcode through an algorithm to create a hash. This hash may thenact as a predefined hash for the partition which can be checked againsta further hash when access to the partition is later sought. Preferably,the method also comprises passing an identification code oridentification data from a SIM card or hardware or other identificationmodule in or associated with the device through the algorithm with thepasscode to create the hash. Preferably, the algorithm comprises anencryption algorithm, which is preferably a PKI encryption algorithm.This makes the hash more secure. The hash may be stored in the device,for example. Alternatively or additionally it may be stored remotely,such as in a cloud or an external memory device. The method may furthercomprise encrypting the content that is available in the partition. Thisprovides further security to a user. Preferably, a passcode and/or anidentification code or identification data from a SIM card or hardwareor other identification module in or associated with the device would beused to encrypt the content. The method may comprise decrypting thecontent when the partition is accessed.

The method preferably comprises storing the passcode for the partitionin a SIM card or other identification module of the device.

The method preferably comprises receiving identification data from a SIMcard or other identification module of the device and generating anidentification code for the partition based on the passcode and theidentification data. In this case, the method may further comprisestoring the identification code in the device, preferably in a mappingtable for the partitions in the device.

According to a fourth aspect, there is provided a mobile communicationdevice comprising a partition creation module, the partition creationmodule being arranged to: receive a passcode for a partition to becreated; create a partition on the device corresponding to thatpasscode; and set what content and/or functionality is available in thatpartition.

The partition creation module may be further arranged to receive a nameor identifier for the partition.

Preferably, the partition creation module is arranged to pass thepasscode through an algorithm to create a hash. Preferably, thepartition creation module is further arranged to pass an identificationcode or identification data from a SIM card or hardware or otheridentification module in the device through the algorithm with thepasscode to create the hash. Preferably, the algorithm comprises anencryption algorithm, which is preferably a PKI encryption algorithm.

The partition creation module may be arranged to store the hash in thedevice.

Alternatively or additionally, the partition creation module may bearranged to store the hash remotely, preferably in a cloud or anexternal memory device. The device preferably comprises an administratorpartition and the partition creation module is only accessible oroperable when in the administrator partition. Thus, preferably, a usermust be in the administrator partition in order to create, modify andcontrol partitions on their device. The administrator partition could bestored on the mobile device or it could be stored in a cloud or externalhardware device to be accessed locally or wirelessly.

The content that is accessible in a partition may be encrypted. Thedevice may therefore comprise decryption means arranged to decrypt theencrypted content of a partition when a user accesses that partition.

The passcode for the partition is preferably stored in a SIM card orother identification module of the device.

The partition creation module is preferably provided in the SIM card orother identification module of the device.

According to a fifth aspect, there is provided a system comprising amobile communication device and at least one signal-emitting device,wherein the devices are arranged such that when the mobile communicationdevice receives a signal from a signal-emitting device specifying apartition, the mobile communication device accesses the partitionspecified by that signal. Thus, signal-emitting devices may be used tomake a mobile communication device enter a specified partition and thereis not necessarily any need for a user to interact with their device(e.g. by pressing keys or a touch-sensitive screen).

Preferably, the at least one signal-emitting device emits signalswirelessly. It could comprise a NFC tag, for example.

The signal specifying a partition may comprise a passcode for thatpartition.

Alternatively or additionally, the signal specifying a partition maycomprise information specifying what functionality the mobilecommunication device will have in that partition and/or what contentwill be available. Thus, a signal from a signal-emitting device may beused to cause a mobile device to enter a partition where thefunctionality of that partition and/or the content accessible when inthat partition is specified in the signal received from thesignal-emitting device. In this case, the signal from a signal-emittingdevice could cause the partition to first be created on the mobiledevice and then cause the mobile device to enter that partition. Thiscould happen automatically when a mobile device receives a signal from asignal-emitting device or a user could be required to enter a code orpassword for the partition before a new partition can be created. Oncethe partition has been created for the first time, if a user receives afurther signal to enter that partition this could then happenautomatically, for example, without requiring the user to enter the codeor password again. Alternatively, a user could be required to enter acode or password for the partition each time their mobile devicereceives a signal to enter it.

The fifth aspect of the invention also extends to a signal-emittingdevice (or transmitter) arranged to send a signal specifying a partitionto a mobile communication device such that when the mobile communicationdevice receives the signal the mobile communication device accesses thepartition specified by that signal.

According to a sixth aspect, there is provided a method of accessing apartition on a mobile communication device, the method comprising:receiving a signal from a signal-emitting device, the signal comprisinginformation specifying a partition on a mobile communication device; andaccessing that partition based on the received signal. Thus, as with theprevious aspect, signal-emitting devices may be used to make a mobilecommunication device access a partition and there is not necessarily anyneed for a user to interact with their device (e.g. by pressing keys ora touch-sensitive screen).

The signal specifying a partition may comprise a passcode for thepartition. The method may comprise accessing a partition on the devicecorresponding to the received passcode.

The signal specifying a partition may comprise information specifyingwhat functionality the mobile communication device will have and/or whatcontent will be available when that partition is accessed. Thus, as withthe previous aspect, a signal from a signal-emitting device may be usedto cause a mobile device to enter a partition where the functionalityand/or content of that partition is specified in the signal receivedfrom the signal-emitting device.

Preferably, the signal-emitting device emits signals wirelessly. Itcould comprise an NFC tag, for example.

According to a seventh aspect, there is provided a mobile communicationdevice comprising: a receiver for receiving a signal comprisinginformation specifying a partition on a mobile communication device; andpartition access means for accessing a partition based on the receivedsignal.

The receiver may be arranged to receive a passcode for a partition andthe partition access means may be arranged to access the partition thatcorresponds to the received passcode.

The partition access means may be arranged to create a partition basedon partition configuration information contained in the received signal,and to then access that partition.

Preferably, the receiver is arranged to receive a signal wirelessly,such as a signal from a NFC tag, for example.

According to an eighth aspect, there is provided a method of accessing apartition on a mobile communication device comprising selecting apartition from a list of available partitions displayed on the device,and then accessing the selected partition. Thus, a user may simply andeasily access a partition on their device by selecting a partition froma list of available partitions displayed on the device.

The partitions may have predefined accessible content and/orfunctionality such as the content and functionality described above.

The list of available partitions may comprise a list of partition names.

Alternatively or additionally, the list of available partitions maycomprise a list or array of images representing the respectivepartitions.

The method preferably comprises the user touching keys and/or atouch-sensitive screen of the device in order to select a partition fromthe list.

In a preferred embodiment, after a partition has been selected, a usermust enter a passcode for that partition before the partition can beaccessed. This provides security since a person must know the passcodefor a partition in order to be able to enter it.

According to a ninth aspect, there is provided a mobile communicationdevice comprising at least two partitions and a partition access module,wherein the partition access module is arranged to: cause a screen onthe mobile communication device to display a list of availablepartitions; receive data specifying a partition selected from that list;and allow access to the selected partition.

Preferably, the partition access module is arranged to only allow accessto a selected partition if it receives a correct passcode for thatpartition.

According to a tenth aspect, there is provided a computer program foraccessing a partition on a mobile communication device, the programbeing configured to perform the following steps when executed on amobile communication device: receive data specifying a partition;receive an identification code from a SIM card or hardware in thedevice; determine, based on both the data specifying a partition and theidentification code, whether access to the specified partition is to beallowed; and allow or deny access to the specified partitionaccordingly.

According to an eleventh aspect, there is provided a computer programfor creating a partition on a mobile communication device, the programbeing configured to perform the following steps when executed on amobile communication device: receive a passcode for the partition; andset what content and/or functionality is available in the partition.

According to a twelfth aspect, there is provided a computer program foraccessing a partition on a mobile communication device, the programbeing configured to perform the following steps when executed on amobile communication device: receive a signal from a signal-emittingdevice, the signal comprising information specifying a partition on amobile communication device; allow access to that partition based on thereceived signal.

According to a thirteenth aspect, there is provided a computer programfor accessing a partition on a mobile communication device, the programbeing configured to perform the following steps when executed on amobile communication device: display a list of available partitions on ascreen of the mobile communication device; receive informationcorresponding to a partition selected from that list; and allow accessto the selected partition.

According to a fourteenth aspect, there is provided a computer readablemedium with a computer program according to any of the tenth tothirteenth aspects of the invention stored thereon.

The various aspects of the invention may comprise any of the optional orpreferred features of the other aspects of the invention. In order toavoid repetition, not all of the optional or preferred features havebeen described under each aspect of the invention.

The various aspects of the present invention have a number of possibleapplications. They could be of particular benefit, for example, whenused in places such as cinemas, libraries, hospitals and schools. Forexample, a public NFC tag (i.e. a tag emitting a signal specifying apartition which anyone is free to access on their mobile device, withouthaving to enter a code or password into their device) could be locatedat a cinema. Before customers at a cinema watch a film, they could holdtheir mobile device near the tag and a signal would be sent from the tagto the device causing the phone to enter a “cinema” partition, where,for example, the device's volume is set to “silent” and vibrate isturned off. Calls could, for example, be sent straight to voicemail.

Preferred embodiments of the invention will now be described by way ofexample only and with reference to the accompanying drawings in which:

FIG. 1 shows an embodiment of the basic security architecture on amobile phone;

FIG. 2 shows a schematic diagram of an embodiment of the basic securityarchitecture on a mobile phone with NFC communication;

FIG. 3 is an illustration of an embodiment using NFC tags; and

FIG. 4 is an illustration of an embodiment where partition data isstored in a cloud.

FIG. 1 shows a preferred embodiment of the basic architecture of amobile phone with n partitions (domains).

The SIM card is a JavaCard with n applets, one for each partition.Applet 0 is labelled “Master key” and is the applet for the“Administrator partition” described above, from which all the otherpartitions can be managed.

The phone also has a main processor where encryption and decryption areperformed and access to a partition is checked and allowed or denied.

The data partition memory of the mobile phone is divided into npartitions. Access to each partition is controlled by an applet insidethe SIM module. An applet is provided for each partition. The mainfunction of each applet n is to control access to the partition n and toprovide the appropriate key to the main processor to performencryption/decryption of the data on the respective partition.

Access to each partition is protected by the SIM. A user must enter thecorrect passcode to access a given partition and for the encrypted datainside that partition to be decrypted.

When a user wishes to enter a particular partition then enter thepasscode or PIN for that partition by typing on the keypad ortouch-sensitive screen of the mobile phone. The entered passcode is thenpassed to the SIM where it is received by the corresponding applet andpassed through a PKI encryption algorithm combining it with the SIMidentifier to create a hash.

This is illustrated in the following table:

Pass code Input # × Pass code 2¹²⁸(PKI) × Partition number SIM/IMEA HashAnswer Work Up to 9 digits Run Algorithm Secure Answer Home Up to 9digits Run Algorithm Secure Answer Children Up to 9 digits Run AlgorithmSecure Answer Travel Up to 9 digits Run Algorithm Secure Answer SocialUp to 9 digits Run Algorithm Secure Answer

The hash is then passed to a main processor on the mobile phone where itis decrypted to extract the PIN and identify which partition the user isseeking to access. Then, if the hash correspond to a hash already storedin the phone's memory for that partition (or stored remotely, such as ina cloud or external memory storage device), access to the requestedpartition is allowed and the phone enters that partition.

The content accessible in each partition is encrypted, so when access toa particular partition is allowed, the content of that partition isdecrypted using the passcode for the partition and SIM identifier. Thecontent is stored in a database which is either stored in the deviceitself or remotely, such as in a cloud or internal hardware device.Separate data domains or a single database with partition flags could beused. The flags in such a database can indicate which data is accessibleto which partition.

When a partition has been entered and its content decrypted, the contentcan be viewed on the phone's screen and the phone has the configurationor set-up (functionality) corresponding to that partition.

As the data are encrypted, a direct access to the memory will deliverencrypted data. So no sensitive information will be available by thesemeans.

The SIM module is based on a JavaCard. This offers the possibility tomanage different applets with independent security features. If the SIMused for this function is also the phone operator SIM, the master key ofthe SIM will allow controlling the SIM and the telecom connection with amaster PIN. This means that first the SIM needs to be unlocked beforeone of the encrypted partitions can be unlocked (as is the case in abasic mobile phone).

On the other hand, if the SIM used for partition memory partitioningcontrol is not the operator SIM but a second secure element in thephone, a master key is not needed.

In order to manage the content and functionality of each partition, auser has to enter the administrator or master partition. From here, allthe other partitions can be managed and the user can set what content isvisible and what functionality is available as well as other phonesettings such as volume, vibrate and call divert.

When, for example, a photo or video is taken with a camera in the phone,that photo or video is automatically accessible when in the partition inwhich the phone was when the photo or video was taken. As a defaultsetting, it is not available in any other partitions except theadministrator partition. If a user wants to make that photo or videoavailable in a different or other partitions, he/she can manage this inthe administrator partition.

The domains 1-n could be data keys which specify data flags held in asingle database against content or functionality.

FIG. 2 shows an embodiment of the architecture of a mobile phone with npartitions (domains) which is configured to access the partitions usingNFC tags.

This embodiment is similar to that of FIG. 1 except that the phoneadditionally comprises an NFC front end which can send signals to NFCtags and receive signals from NFC tags.

This embodiment works in the same way as that of FIG. 1 except that thepasscode for a particular partition is received from an NFC tag, ratherthan being input by a user.

In addition, the phone can receive a signal from an NFC tag instructingit to set up and enter a new partition on the phone with a configurationdefined in the signal received from the tag. Alternatively, the signalcould comprise a unique and secure path to data specifying a partitionstored on a server or in a cloud, which the phone accesses after it hasreceived the path from the NFC tag. If the tag sends a signal to enteran “open” partition, then the phone enters that partition automatically.However, if the tag sends a signal to enter a “closed” partition, thenthe user has to enter the correct code or password for the partitionbefore they can enter it on their phone.

In one example, when the phone of FIG. 2 is held near an NFC tag, thefollowing steps are performed:

-   -   the phone receives a signal from the tag, the signal containing        data comprising a passcode for a partition and also        identification information relating to the tag    -   the passcode is extracted from the received signal by a specific        applet provided in the SIM card of the device    -   the environment/location is determined from the received signal        either from a certificate or encrypted passcode contained in the        signal, or from the identification information relating to the        tag    -   additional information (such as a “post-it” containing        information form previous users of the tag) can also be received        from the tag    -   the tag is updated by updating a certificate if, for security        reasons, it is valid just for one session/use, and/or by erasing        any additional information such as a “post-it” if it has been        downloaded into the mobile device

FIG. 3 shows a mobile phone in communication with an “Office desk” tag,where the phone has entered the “Office desk” partition with the set-upshown in the figure. In this case, the tag simply sent the phone apasscode to enter the “Office desk” partition, which already existed onthe mobile phone.

A specific application of the present invention will now be described.

In schools, a big problem can be how to control the use of mobile phones(or other mobile communication devices) to protect children against spamor SMS/MMS messages in the classroom, which could disrupt lessons, toavoid the use of such devices during exams, and to filter/controlinternet access such that certain, e.g. undesirable, websites are notaccessible.

By using the present invention, pupils can configure their mobile phonesto enter a commonly agreed mode (or partition) when they enter theschool premises or a classroom by holding their phones next to an NFCtag sending a signal for the phone to enter a “school” partition whoseconfiguration (i.e. accessible content and available functionality) isset by the school. For example, a pupil's phone could switch between thefollowing partitions during a school day:

At home—device is in “home” partition where:

-   -   SMS/MMS: allowed    -   Phone directory/contacts: fully accessible    -   Accessible content: “home” data    -   Internet access: freely allowed or under parental control        At school—device is held by an NFC tag such that it enters a        “school” partition where:    -   SMS/MMS: blocked    -   Phone directory/contacts: only parents/doctor/urgent contact        accessible    -   Accessible content: “school” data with free access such that        teachers can control this content    -   Internet access: blocked or filtered such that only certain        websites can be viewed        In an exam room—device is held by an NFC tag such that it enters        an “exam” partition where:    -   SMS/MMS: blocked    -   Phone directory: only parents/doctor/urgency    -   Data partition: Blocked    -   Internet access: Blocked

The “school” partition (or any other partition) could havetime-dependent functionality. For example, SMS/MMS/call functionalitycould be available only at certain pre-defined times of the day,corresponding to break and lunch times, for example. At other times,SMS/MMS/call functionality could be disabled or only allowed to aspecified list of “emergency” numbers (e.g. home, parents, carer).

FIG. 4 illustrates an embodiment where partition data is stored remotelyin a cloud accessed via a modem.

Here, the same data partitions are provided on the cloud as on themobile phone. This means that data stored in partitions on a mobilephone are replicated on a cloud and can be retrieved from the cloud inthe case, for example, that the mobile phone is lost or stolen.

As well as providing a replication of partition data, the cloud providesdata banks which can store more (additional) data than is stored orstorable on the mobile device with its limited memory size. Theadditional data that is stored in the cloud, but not on the mobile, canbe downloaded to the mobile phone in each respective partition whenrequired by a user.

The security of the partitions in the cloud is managed the same way ason the mobile phone and is based on the same encryption and preferablyalso on the same passcodes to access the encrypted areas. This meansthat the access to the encrypted area of a given partition on the cloudis managed from the SIM of the mobile phone.

The process is as follows: when the mobile phone is connected to thecloud, a mutual authentication process is managed between the mobilephone SIM and the SAM or virtual SAM on the Cloud server. Then, if thecorrect PIN N is entered into the mobile phone, access will be grantedboth to the partition N inside the mobile phone memory and to partitionN inside the cloud. This allows, for example, synchronisation betweenthe partition on the mobile phone and the corresponding partition on thecloud (or synchronisation of particular areas of the partitions). Datatransfer can be performed securely via a secure data channel createdfollowing a successful mutual authentication process.

A Trusted Services Manager (TSM) can be used to manage this processsecurely.

A TSM is an Over The Air (OTA) trusted service which controls themanagement of secure elements, keys and applications for mobile phones.An NFC mobile phone based on a JavaCard SIM makes it possible todownload cardlets securely and the associated security elements Over theAir.

A TSM system could include, for example, the capability to perform thefollowing steps:

CASSIS solution Step Customer experience features Service The mobilephone user/customer Auto-provisioning enrollment triggers with a singleclick on their platform phone the downloading of NFC Download Managerapplications onto the phone Application Installation follow- up Handsetfeedback (push-registry) Payment Customer uses their phone to pay: it isOff-line counter fast, convenient and it fits the modern reset lifestyleSmart MIDlet Mifare and Calypso OTA provisioning Transit Customer usesphone for transit and Top-up gateway for top-up over the air when thevalue runs OTA stored value low top-up Tag reading user interfaceRewards Customer accesses customized Customised tag information andpersonalized offers campaigns through interactive billboards managementCoupons download, store & redeem mechanism Over-The-Air immediateblocking S.O.S When customer loses their mobile Routing messages phone,NFC applications are to parties immediately blocked OTA. The sameRe-issuance applications can be easily management re-downloaded on a newdevice. Life cycle management

In the case of the present invention, TSM features can include thedownloading of specific applications to manage the environments relatedto each partition. This means the keys and the access rights for eachpartition. A TSM will handle also the NFC application which allows theautomatic switching from one partition to another when a mobile phonereceives a signal from a NFC tag. A TSM will also manage, over the air,the life cycle of the NFC mobile to support enrolment, downloads,updates, lost devices, end of life.

1. A method of accessing a partition or switching between partitions ona mobile communication device, the method comprising: receiving dataspecifying a partition; receiving an identification code from aidentification module associated with the device; determining, based onboth the data specifying a partition and the identification code,whether access to the specified partition is to be allowed; and allowingor denying access to the specified partition accordingly.
 2. A method asclaimed in claim 1, wherein the identification module is or comprises aremovable identification module, a remote identification module, a SIMcard, hardware, a secure element, a trusted execution environment, or asoftware SIM.
 3. A method as claimed in claim 1 or 2, wherein the dataspecifying a partition and identification code are verified in theidentification module to determine whether access to the specifiedpartition is to be allowed.
 4. A method as claimed in claim 1, 2 or 3,further comprising generating the identification code in theidentification module based on the data specifying a partition.
 5. Amethod as claimed in any preceding claim, wherein the identificationcode is a certificate generated from identification data of theidentification module.
 6. A method as claimed in any preceding claim,wherein the identification code is received from and corresponds to aSIM card in the device.
 7. A method as claimed in any preceding claim,wherein the data specifying a partition comprises a passcode for thespecified partition.
 8. A method as claimed in claim 7, wherein thedevice comprises keys and/or a touch-sensitive screen, and the passcodeis received when a user presses the keys and/or the touch-sensitivescreen so as to enter the passcode.
 9. A method as claimed in claim 7 or8, wherein the identification code is generated by passing the passcodethrough an algorithm to create a hash.
 10. A method as claimed in claim9, wherein the algorithm comprises an encryption algorithm, preferably aPKI encryption algorithm.
 11. A method as claimed in claim 9 or 10,wherein the hash is compared with a predefined hash for the partitionand access to the partition is allowed only if the two hashes match. 12.A method as claimed in any preceding claim, wherein the data specifyinga partition is received from a signal-emitting device.
 13. A method asclaimed in claim 12, wherein the signal-emitting device comprises a NFCtag.
 14. A method as claimed in any preceding claim comprisingdecrypting any encrypted content stored in the accessed partition.
 15. Amethod as claimed in any preceding claim, further comprising sending theidentification code from the identification module to open the specifiedpartition when access to the specified partition is allowed.
 16. Amethod as claimed in any preceding claim, further comprising sending ordisplaying a message indicating that access to the specified partitionis not allowed when access to the specified partition is not allowed.17. A method as claimed in any preceding claim, further comprisingsending the data specifying a partition and the identification code fromthe identification module to a partition entry module when access to thespecified partition is allowed.
 18. A method as claimed in claim 17,wherein the data specifying a partition and the identification code aresent from the identification module to a partition entry module via asecure channel therebetween.
 19. A method as claimed in claim 18,wherein the secure channel is created by a mutual authentication processbetween the identification module and the partition entry module.
 20. Amethod as claimed in claim 17, 18 or 19, further comprising encryptingthe data specifying a partition and/or the identification code beforesending them to the partition entry module.
 21. A method as claimed inany preceding claim, further comprising switching partitionautomatically at a predefined time.
 22. A method as claimed in anypreceding claim, wherein different telephone numbers are associated withdifferent partitions on a single mobile communication device.
 23. Amobile communication device comprising a partition entry module, whereinthe partition entry module is arranged to: receive data specifying apartition; receive an identification code from an identification moduleassociated with the device; determine, based on both the data specifyinga partition and the identification code, whether access to the specifiedpartition is to be allowed; and allow or deny access to the specifiedpartition accordingly.
 24. A device as claimed in claim 23, wherein theidentification module is or comprises a removable identification module,a remote identification module, a SIM card, hardware, a secure element,a trusted execution environment, or a software SIM.
 25. A device asclaimed in claim 23 or 24, wherein the identification module is arrangedto verify the data specifying a partition and the identification code todetermine whether access to the specified partition is to be allowed.26. A device as claimed in any of claims 23-25, wherein theidentification module is arranged to generate the identification codebased on the data specifying a partition.
 27. A device as claimed in anyof claims 23-26, wherein the identification code is a certificategenerated from identification data of the identification module.
 28. Adevice as claimed in any of claims 23-27, wherein the identificationcode is received from and corresponds to the SIM card in the device. 29.A device as claimed in any of claims 23-28, wherein the data specifyinga partition comprises a passcode for the specified partition.
 30. Adevice as claimed in claim 29, wherein the device comprises keys and/ora touch-sensitive screen, and the partition entry module and/oridentification module is arranged to receive the passcode when a userpresses the keys and/or the touch-sensitive screen so as to enter thepasscode.
 31. A device as claimed in claim 29 or 30, wherein thepartition entry module and/or identification module comprises a hashcreation module, the hash creation module being arranged to pass theidentification code and the passcode through an algorithm to create ahash.
 32. A device as claimed in claim 31, wherein the algorithmcomprises an encryption algorithm, preferably a PKI encryptionalgorithm.
 33. A device as claimed in claim 31 or 32, wherein thepartition entry module comprises a verification module arranged tocompare the hash with a predefined hash for the partition, and to allowaccess to the partition if the two hashes match.
 34. A device as claimedin any of claims 23 to 33, wherein the device comprises a receiverarranged to receive data specifying a partition from a signal-emittingdevice.
 35. A device as claimed in claim 34, wherein the signal-emittingdevice comprises a NFC tag.
 36. A device as claimed in any of claims 23to 35, wherein the device comprises decryption means for decrypting anyencrypted content of an accessed partition.
 37. A device as claimed inany of claims 23-36, wherein the identification module is arranged tosending the identification code to open the specified partition whenaccess to the specified partition is allowed.
 38. A device as claimed inany of claims 23-37, wherein the device is arranged to send or display amessage indicating that access to the specified partition is not allowedwhen access to the specified partition is not allowed.
 39. A device asclaimed in any of claims 23-38, wherein the identification module isarranged to send the data specifying a partition and the identificationcode to a partition entry module when access to the specified partitionis allowed.
 40. A device as claimed in claim 39, wherein theidentification module is arranged to send the data specifying apartition and the identification code to a partition entry module via asecure channel.
 41. A device as claimed in claim 40, wherein the securechannel is created by a mutual authentication process between theidentification module and the partition entry module.
 42. A device asclaimed in claim 39, 40 or 41, further comprising means for encryptingthe data specifying a partition and/or the identification code beforesending them to the partition entry module.
 43. A method of creating apartition on a mobile communication device, the method comprising:inputting a passcode for the partition; and setting what content and/orfunctionality is available in the partition.
 44. A method as claimed inclaim 43, further comprising inputting a name or identifier for thepartition.
 45. A method as claimed in claim 43 or 44, comprising passingthe passcode through an algorithm to create a hash.
 46. A method asclaimed in claim 45, comprising passing an identification code oridentification data from an identification module, such as a SIM card orhardware or secure element or software SIM or trusted executionenvironment, in or associated with the device through the algorithm withthe passcode to create the hash.
 47. A method as claimed in claim 45 or46, wherein the algorithm comprises an encryption algorithm, preferablya PKI encryption algorithm.
 48. A method as claimed in claim 45, 46 or47, comprising storing the hash in the device.
 49. A method as claimedin any of claims 45 to 48, comprising storing the hash remotely,preferably in a cloud or an external memory device.
 50. A method asclaimed in any of claims 43 to 49, comprising encrypting the contentthat is available in the partition.
 51. A method as claimed in claim 50,comprising using a passcode and/or an identification code oridentification data from an identification module, such as a SIM card orhardware or secure element or software SIM or trusted executionenvironment, in or associated with the device to encrypt the content.52. A method as claimed in claim 50 or 51, comprising decrypting thecontent when the partition is accessed.
 53. A method as claimed in anyof claims 43 to 52, further comprising storing the passcode for thepartition in an identification module of the device.
 54. A method asclaimed in any of claims 43 to 53, further comprising receivingidentification data from an identification module of the device andgenerating an identification code for the partition based on thepasscode and the identification data.
 55. A method as claimed in claim54, further comprising storing the identification code in the device,preferably in a mapping table for the partitions in the device.
 56. Amethod as claimed in any of claims 43-55, further comprising storing oneor more times at which the device will automatically switch betweenpartitions.
 57. A method as claimed in any of claims 43-56, furthercomprising associating different telephone numbers with two or morepartitions on a single mobile communication device.
 58. A mobilecommunication device comprising a partition creation module, thepartition creation module being arranged to: receive a passcode for apartition to be created; create a partition on the device correspondingto that passcode; and set what content and/or functionality is availablein that partition.
 59. A device as claimed in claim 58, wherein thepartition creation module is further arranged to receive a name oridentifier for the partition.
 60. A device as claimed in claim 58 or 59,wherein the partition creation module is arranged to pass the passcodethrough an algorithm to create a hash.
 61. A device as claimed in claim60, wherein the partition creation module is arranged to pass anidentification code or identification data from an identificationmodule, such as a SIM card or hardware or secure element or software SIMor trusted execution environment, in or associated with the devicethrough the algorithm with the passcode to create the hash.
 62. A deviceas claimed in claim 60 or 61, wherein the algorithm comprises anencryption algorithm, preferably a PKI encryption algorithm.
 63. Adevice as claimed in claim 60, 61 or 62, wherein the partition creationmodule is arranged to store the hash in the device.
 64. A device asclaimed in any of claims 60 to 63, wherein the partition creation moduleis arranged to store the hash remotely, preferably in a cloud or anexternal memory device.
 65. A device as claimed in any of claims 58 to64, wherein the device comprises an administrator partition and thepartition creation module is only accessible when in the administratorpartition.
 66. A device as claimed in any of claims 58 to 65, whereinthe content that is accessible in the partition is encrypted.
 67. Adevice as claimed in claim 66, wherein the device comprises decryptionmeans arranged to decrypt the encrypted content of a partition when auser accesses that partition.
 68. A device as claimed in any of claims58 to 68, wherein the passcode for the partition is stored in a SIM cardor hardware or secure element of the device.
 69. A device as claimed inany of claims 58 to 68, wherein the partition creation module is in theidentification module of the device.
 70. A system comprising a mobilecommunication device and at least one signal-emitting device, whereinthe devices are arranged such that when the mobile communication devicereceives a signal from a signal-emitting device specifying a partition,the mobile communication device accesses the partition specified by thatsignal.
 71. A system as claimed in claim 70, wherein the at least onesignal-emitting device comprises a NFC tag.
 72. A system as claimed inclaim 70 or 71, wherein the signal specifying a partition comprises apasscode for that partition.
 73. A system as claimed in claim 70, 71 or72, wherein the signal specifying a partition comprises informationspecifying what functionality the mobile communication device will havein that partition and/or what content will be available.
 74. Asignal-emitting device arranged to send a signal specifying a partitionto a mobile communication device such that when the mobile communicationdevice receives the signal the mobile communication device accesses thepartition specified by that signal.
 75. A method of accessing apartition on a mobile communication device, the method comprising:receiving a signal from a signal-emitting device, the signal comprisinginformation specifying a partition on a mobile communication device; andaccessing that partition based on the received signal.
 76. A method asclaimed in claim 75, wherein the signal specifying a partition comprisesa passcode for the partition.
 77. A method as claimed in claim 76comprising accessing a partition on the device corresponding to thereceived passcode.
 78. A method as claimed in claim 75, 76 or 77,wherein the signal specifying a partition comprises informationspecifying what functionality the mobile communication device will haveand/or what content will be available when that partition is accessed.79. A method as claimed in any of claims 75 to 78, wherein thesignal-emitting device comprises an NFC tag.
 80. A mobile communicationdevice comprising: a receiver for receiving a signal comprisinginformation specifying a partition on a mobile communication device; andpartition access means for accessing a partition based on the receivedsignal.
 81. A device as claimed in claim 80, wherein the receiver isarranged to receive a passcode for a partition and the partition accessmeans is arranged to access the partition that corresponds to thereceived passcode.
 82. A device as claimed in claim 80 or 81, whereinthe partition access means is arranged to create a partition based onpartition configuration information contained in the received signal,and to then access that partition.
 83. A device as claimed in claim 80,81 or 82, wherein the receiver is arranged to receive a signal from aNFC tag.
 84. A method of accessing a partition on a mobile communicationdevice comprising selecting a partition from a list of availablepartitions displayed on the device and then accessing the selectedpartition.
 85. A method as claimed in claim 84, the partitions havingpredefined accessible content and/or functionality.
 86. A method asclaimed in claim 84 or 85, wherein the list of available partitionscomprises a list of partition names.
 87. A method as claimed in claim84, 85 or 86, wherein the list of available partitions comprises a listor array of images representing the respective partitions.
 88. A methodas claimed in any of claims 84 to 87, comprising a user touching keysand/or a touch screen of the device in order to select a partition. 89.A method as claimed in any of claims 84 to 88, wherein after a partitionhas been selected, a user must enter a passcode for that partitionbefore the partition can be accessed.
 90. A mobile communication devicecomprising at least two partitions and a partition access module,wherein the partition access module is arranged to: cause a screen onthe mobile communication device to display a list of availablepartitions; receive data specifying a partition selected from that list;and allow access to the selected partition.
 91. A mobile communicationdevice as claimed in claim 90, wherein the partition access module isarranged to only allow access to a selected partition if it receives acorrect passcode for that partition.
 92. A computer program foraccessing a partition on a mobile communication device, the programbeing configured to perform the following steps when executed on amobile communication device: receive data specifying a partition;receive an identification code from an identification module, such as aSIM card or hardware or secure element or software SIM or trustedexecution environment, in or associated with the device; verify, basedon both the data specifying a partition and the identification code,whether access to the specified partition is to be allowed; and allow ordeny access to the specified partition accordingly.
 93. A computerprogram for creating a partition on a mobile communication device, theprogram being configured to perform the following steps when executed ona mobile communication device: receive a passcode for the partition; andset what content and/or functionality is available in the partition. 94.A computer program for accessing a partition on a mobile communicationdevice, the program being configured to perform the following steps whenexecuted on a mobile communication device: receive a signal from asignal-emitting device, the signal comprising information specifying apartition on a mobile communication device; and allow access to thatpartition based on the received signal.
 95. A computer program foraccessing a partition on a mobile communication device, the programbeing configured to perform the following steps when executed on amobile communication device: display a list of available partitions on ascreen of the mobile communication device; receive informationcorresponding to a partition selected from that list; and allow accessto the selected partition.
 96. A computer readable medium with acomputer program as defined in any of claims 92-95 stored thereon.